﻿using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;

namespace SecretDemo.Controllers
{
    [Authorize(Policy= "ValidUserPolicy")]
    public class MyApiController : Controller
    {
        /// <summary>
        /// 验证Token
        /// </summary>
        /// <param name="token"></param>
        /// <returns></returns>
        [HttpPost]
        public IActionResult DoCheckToken()
        {
            //if (string.IsNullOrEmpty(token))
            //{
            //    return Json(new { code = 0 });
            //}
            ////从缓存里读取的user
            //var userCache = Com.GetUserByToken(token);
            //if (userCache == null)
            //{
            //    return Json(new { code = 0 });
            //}
            string account = User.Identity.Name;
            //读取数据库的user
            var userDB =new UserDBAccess().GetUser(account);
            if (userDB == null)
            {
                return Json(new { code = 0 });
            }
            return Json(new { code = 1 });
        }
        [HttpPost]
        public IActionResult DoGetUser(string name)
        {
            //do something here
            return Json(new { code = 1 ,user=new UserDBAccess().GetUser(name)});
        }
        [HttpPost]
        [Authorize(Policy = "Action1")]
        public IActionResult DoAction1()
        {
            //do something here
            return Json(new { code = 1 });
        }
        [HttpPost]
        [Authorize(Policy = "Action2")]
        public IActionResult DoAction2()
        {
            //do something here
            return Json(new { code = 1 });
        }
        [HttpPost]
        [Authorize(Policy = "Action3")]
        public IActionResult DoAction3()
        {
            //do something here
            return Json(new { code = 1 });
        }
    }
}
